Yep, but for someone not running IMail/Declude, the integration with
spamassassin and amavisd-new works great.
Bill
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of NetEase Operations Manager
Sent: Wednesday, February 08, 2006 8:45 AM
To: sniffer@SortMons
Sniffer can be integrated into amavisd-new via spamassassin. SA will
capture the Sniffer score and add it to its total score and amavisd-new will
act on that score as it currently does with spamassassin integration.
Bill
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECT
I think a better solution or check-point might be to run any new rules (at
lease ones that may be questionable) though a corpus test of known spam and
ham to see how the new Sniffer rule functions. This is how the SARE and SA
folks evaluate their new rules and determine an appropriate weight to a
Don't know about the proper syntax for baregrep, but for the standard UNIX
grep for Win32, the following would give you an accurate count:
grep -c "Final.*828931" c:\imail\declude\sniffer\logfile.log
Bill
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of
Thomas, if your company cannot afford the rather small monetary increase,
and you are running that close to the edge, then maybe you should not be in
business. I for one am glad to hear the SNF is adding resources and has
mapped out a list of future feature enhancements. Please quit your grippin
Agree wholeheartedly!
Bill
From: Dean Lawrence [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 27, 2005 2:18 PMTo:
sniffer@SortMonster.comSubject: Re: Re[2]: [sniffer] Last chance to
renew at the old price!
You know, I just don't get where all of the doom and gloom comes from. Yes,
it
We do exactly this at our Postfix gateways, it's called greylisting. See
http://isg.ee.ethz.ch/tools/postgrey/. You may want to consider setting up
a gateway in front of your IMail server that supports greylisting.
Bill
-Original Message-
From: Mike Nice [mailto:[EMAIL PROTECTED]
Sent
Did you happen to comment out or not change either of the following
variables in your script to point to the correct drive\directory paths?:
SET SnifferDrive=c:
SET SnifferDir="c:\imail\declude\sniffer"
Which cause the calls to these variables later in the script's execution to
fail:
%SnifferDr
Strange, the script does not leave any temp files in my spool directory.
Bill
-Original Message-
From: George Kulman [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 15, 2005 2:55 PM
To: sniffer@SortMonster.com
Subject: RE: [sniffer] Auto Sniffer Updates
There seemed to be a problem wi
Have you checked out ImailSnifferUpdateTools.zip?
It contains detailed instructions and can be downloaded from http://www.sortmonster.com/MessageSniffer/Help/AutomatingUpdatesHelp.html
Bill
From: Glenn \ WCNet [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 15, 2005 12:43 PMTo:
sniffer@S
Well, after a second look (reviewing the headers), it looks like the message
got hung-up in the convoluted mess of internal mail gateways that Siemens
maintains (which I have no control over). Sorry for the noise...!
Bill
-Original Message-
From: Landry William
Sent: Monday, January
Hmmm, a day and a half later this shows up on the list...???
Bill
-Original Message-
From: Landry William
Sent: Saturday, January 29, 2005 6:51 PM
To: sniffer@SortMonster.com
Subject: RE: [sniffer] Spam Storm Alert...
My only suggestion for QM is to disable "DNS Cache" a
My only suggestion for QM is to disable "DNS Cache" and "Failed Domain
Skipping", both of these caused problems for me in the early 8.xx versions,
so I have just left them off.
As far a the thread settings, that really depends on how many messages you
process per day. You may find some guidance
This little script can give you a raw hit count per test:
egrep "Clean|Final" c:\path\to\sniffer\sniffer.log | gawk "{print $8}" |
usort | uniq -c | usort
Bill
-Original Message-
From: Kirk Mitchell [mailto:[EMAIL PROTECTED]
Sent: Saturday, January 08, 2005 11:20 AM
To: sniffer@SortMons
I would suggest taking a look at Nerd's (http://countries.nerd.dk/more.html)
instead of Blackholes, they are much more comprehensive in their available
tests, and they can all be with a single lookup, rather than one per country
zone.
Bill
-Original Message-
From: Matt [mailto:[EMAIL PRO
Yep, just checked mine rulebase too, went from 17mb to just under 25mb.
Things still appear to be functioning okay.
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 04, 2005 9:49 PM
To: Computer House Support
Subject: Re[2]: [sniffer] RuleBase k
Thanks Pete, these are the kind of proactive notification I wish some of our
other vendors followed.
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 04, 2005 1:35 PM
To: sniffer@SortMonster.com
Subject: [sniffer] Weak rule removal work...
Hell
ilto:[EMAIL PROTECTED]
On Behalf Of Landry William
Sent: Wednesday, December 29, 2004 2:46 PM
To: 'sniffer@SortMonster.com'
Subject: RE: [sniffer] Triggered rulebase update instructions
Documenting and troubleshooting rule creation/configuration I think would
only add to the complexity. Als
Bennie, I will send you my updated scripts and a couple of necessary
open-source utilities off-list (hopefully you can receive zipped executable
files - let me know if you don't receive my off-list message).
Also, as Pete mentioned, we have had some discussion on the list the past
couple of days
: [sniffer] Triggered rulebase update instructions
I agree on the simplicity, just thought it would be a bonus not to involve
sortmonster with the address changes.
Woody
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Landry William
Sent: Wednesday, December 29
also continue to receive the notifications where ever you were
getting them before.
Woody Fussell
Wilbur Smith Associates
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Landry William
Sent: Tuesday, December 28, 2004 9:08 PM
To: 'sniffer@SortMonste
Title: Message
I can
send you the files, if they will pass your virus filters (.exe files).
Otherwise, they are included in the Win32 UNIX Utilities download that you can
find at http://unxutils.sourceforge.net/.
Or you can find gzip at http://www.gzip.org/ and wget at http://www.gnu.org/s
Title: Message
John,
since you have not implemented a trigger program alias yet, would you be willing
to test the setup instructions and provide feedback?
Bill
-Original Message-From:
John Tolmachoff (Lists) [mailto:[EMAIL PROTECTED] Sent:
Tuesday, December 28, 2004 10:30 PMTo:
Title: Message
Thanks
for all of the suggestions, Matt. See my comments
below:
-Original Message-From: Matt
[mailto:[EMAIL PROTECTED] Sent: Tuesday, December 28, 2004 10:17
PMTo: sniffer@SortMonster.comSubject: Re: [sniffer]
Triggered rulebase update instructionsBill,I
Attached is an updated instructions file to fix some typos and missed
information. I'll send out another update after receiving feedback from
others.
Bill
---
This message and any included attachments are from Siemens
nna change that... That's also one of the
reasons I posted to the list :) I'm always trying to make things harder
for myself ;)
Thanks,
Russ
Landry William wrote:
> Russ, why go through all of the additional steps? I just pointed my
> program alias directly to my snfupd.
It's actually compared to your running .snf file, not the .new file, since
the file is renamed .new as part of the download with the "-O" switch.
Bill
-Original Message-
From: Darrell ([EMAIL PROTECTED]) [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 28, 2004 11:39 AM
To: sniffer@Sor
Title: Message
Good
idea, Matt. I'll put together a draft and submit it to the list for review
later today. I'll also include the open-source gzip file so that
everything is contained in one package (instructions, download script, and gzip
file).
Bill
-Original Message-From
Russ, why go through all of the additional steps? I just pointed my program
alias directly to my snfupd.cmd file and it works just fine.
Bill
-Original Message-
From: Russ Uhte [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 28, 2004 12:33 PM
To: Daniel Ivey
Cc: sniffer@SortMonster.c
"Curl" is an awesome application that we also use for automating downloads.
"Wget" also supports conditional downloads based on time/date stamp when
using the -N switch. In ether case, please also use the compression support
built into each application, the sniffer rulebase files can be compresse
ginal Message-From: [EMAIL PROTECTED]
<[EMAIL PROTECTED]>To:
Landry William <sniffer@SortMonster.com>Sent:
Mon Dec 27 12:36:06 2004Subject: Re[2]: [sniffer] Sniffer
UpdatesOn Monday, December 27, 2004, 12:46:19 PM, Landry
wrote:LW> Are folks taking ad
Are folks taking advantage of the "wget" compression option before
downloading their rulebase updates? If the slow download speeds are a
bandwidth saturation issue on the Sniffer end, this would certainly cut down
on the bandwidth requirements on their end and increase the download times
for ever
Title: Message
-Original Message-From:
Chris Ulrich [mailto:[EMAIL PROTECTED]]>
OK, being a new (and very happy) customer ...>>>
For example, we will be introducing rules that watch for
bounces>> that contain large numbers of failed addresses -
indicating a>> probable dictiona
About half-way down the page at:
http://www.sortmonster.com/MessageSniffer/Try-It.html
Or the direct link at:
http://www.sortmonster.com/MessageSniffer/sniffer-2-3.2.tar.gz
Bill
-Original Message-
From: Mark E. Smith [mailto:[EMAIL PROTECTED]
Sent: Monday, December 06, 2004 12:18 PM
T
Title: Sniffer rulebase download server down?
Pete, I am no longer able to download my rulebase files on either of our Sniffer servers. When I execute my download script, I immediately get:
gzip: LicenseID.new.gz: unexpected end of file
Is the rulebase download server down? Thanks for loo
Title: RE: Sniffer rulebase download server down?
Oops, never mind, I see the error of my ways... :-/
Bill
-Original Message-
From: Landry William
Sent: Friday, December 03, 2004 1:50 PM
To: [EMAIL PROTECTED]
Subject: Sniffer rulebase download server down
Here's what my Sniffer global.cfg entries for look like:
SNIFFER-TRAVEL external 047 "M:\Sniffer\LicenseID.exe AuthCode" 07 0
SNIFFER-INSURANCE external 048 "M:\Sniffer\LicenseID.exe AuthCode" 12 0
SNIFFER-AV-PUSH external 049 "M:\Sniffer\LicenseID.exe AuthCode" 10 0
SNIFFER-WAREZ
Wow, I like the new direction you're moving towards! This will provide a
much more scalable, secure, and robust service due to its distributed
nature. Keep up the good work!
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 30, 2004 8:37 PM
To
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
On Tuesday, November 30, 2004, 1:36:13 PM, Andrew wrote:
CA> Pete, could you recap for us how to set up a "Declude project" to
forward
CA> non-sniffer-detected spam to a custom spamtrap address at SortMonster?
CA> Perhaps two
No problems experienced here on either of our servers.
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 23, 2004 6:12 AM
To: System Administrator
Subject: Re[2]: [sniffer] New Version 2-3.2 has been officially released.
On Tuesday, November 2
Sure, fire away... ;-)
-Original Message-
From: Karen Perry [mailto:[EMAIL PROTECTED]
Sent: Monday, November 22, 2004 5:22 PM
To: [EMAIL PROTECTED]
Subject: Re: Re[2]: [sniffer] How are folks doing with the latest version?
ready for a news item yet?
-- Original Message -
See http://www.sortmonster.com/MessageSniffer/Installation/HowTo.html
Bill
-Original Message-
From: Michael E. Cummins [mailto:[EMAIL PROTECTED]
Sent: Sunday, November 21, 2004 11:14 PM
To: [EMAIL PROTECTED]
Subject: RE: [sniffer] How are folks doing with the latest version?
I don't t
So far so good...
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Friday, November 19, 2004 12:28 PM
To: [EMAIL PROTECTED]
Subject: [sniffer] How are folks doing with the latest version?
Hello Sniffer Folks,
I am curious to know how many folks have been usi
gards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
http://www.HM-Software.com/
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of
ness)
Fax:+1 201 934-9206
http://www.HM-Software.com/
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Landry William
Sent: Monday, November 01, 2004 11:03 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [sniffer] Your Sniffer Setup
See http://suppor
See http://support.microsoft.com/default.aspx?scid=kb;en-us;137890 for
simplified instructions.
Bill
-Original Message-
From: Andy Schmidt [mailto:[EMAIL PROTECTED]
Sent: Monday, November 01, 2004 6:26 AM
To: 'Keith Johnson'
Subject: RE: [sniffer] Your Sniffer Setup
Hi Keith,
It's pr
sure - then you should be alright!
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Landry William
Sent: Monday, November 01, 2004 03:32 AM
To: '[EMAIL PROT
L PROTECTED]
On Behalf Of Landry William
Sent: Monday, November 01, 2004 02:15 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [sniffer] Persistent Server setup with SrvAny Resource Kit tool
Hmmm, that's strange, since I use SrvAny, as well. And it has worked with
all Sniffer updates since th
file with the very current time-stamp?
Best Regards
Andy Schmidt
Phone: +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Landry William
Sent: Monday, November 01, 2004 02:15 AM
To: '[EMAIL
Hmmm, that's strange, since I use SrvAny, as well. And it has worked with
all Sniffer updates since the first persistent version was released. Also,
my "Parameters" registry entry does not look anything like yours:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sniffer\Parameters]
Applic
p.s.
Instead of Scheduled Tasks, I use the "AT" command from the command line so
that the update runs as the SYSTEM account; I'd rather have multiple AT
commands than remember to change the password on an account and all of it's
Scheduled Tasks.
-
Sure, executing the script via the e-mail notification would work fine.
However, in that case you will not really need to test that the rulebase
file has changed, so you could remove the "-N" switch from the wget line.
Bill
-Original Message-
From: Sheldon Koehler [mailto:[EMAIL PROTECTE
It should be included in the zip/gzip file you downloaded.
Bill
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 28, 2004 3:28 PM
To: Pete McNeil
Subject: Re[5]: [sniffer] Version 2-3.1 Official Release
Hi,
I have no .cfg in the sniffer dire
Yep, we reported a but to Ipswitch several months ago, as well, and followed
up several times since then, and although they have release IMail patches
since we reported this, they have not fixed the issue. It has to do with
passwords not being case sensitive when using SQL as you user database.
Here is what I've been using for several months now, compiled from the
original Sniffer autosnf.cmd file and suggestions found on this list:
=
rem First, get the updated rules file from the web site.
wget -N http://www.sortmonster.net/Sniffer/Updates/rulebase.snf -O
rulebase.new.gz --header=A
Aren't you using the compression option to gzip your files before
downloading them? This compresses a 14mb file down to about 4mb, which
greatly helps in the download times and reduces the bandwidth requirements
on the SortMonster end. Also, are you downloading on some fixed schedule or
when upd
It's been running fine here on both of our server for the past few days.
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Monday, October 25, 2004 4:33 PM
To: [EMAIL PROTECTED]
Subject: [sniffer] 2-3.0i9 looks good to me... How about you?
Hello Sniffer Folks,
This is from Pete's message of 10/14/2004, announcing Version 2-3.0i5 to the
Sniffer list:
MDaemon users should see a significant improvement in performance.
Please let me know if this is true. The reason is that since most
MDaemon system integrate Message Sniffer through the content filter
It works for me.
Bill
-Original Message-
From: Frederick Samarelli [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 12, 2004 9:16 AM
To: [EMAIL PROTECTED]
Subject: Re: [sniffer] New beta v2-3.0i4
Link not working
- Original Message -
From: "Pete McNeil" <[EMAIL PROTECTED]>
To:
Title: Sniffer misses "NIGERIAN" type spams
Pete, I am wondering why Sniffer has such a problem detecting the so-called "NIGERIAN" types of spam. It seems that I have been forwarding several of them daily to the spam@ address for weeks, but Sniffer still consistently misses them. There must
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
I've actually been thinking very strongly of reorganizing the rule group IDs
recently. Especially in light of the new changes we've made with robots et
al. The accuracy of the Experimental IP group has gone up considerably -
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
LW> I have seen a fairly substantial increase on false positives today.
LW> I have submitted several FPs to the false@ address. Has there been
LW> a big change in the core rulebase today? I wouldn't think that
LW> upgrading
Title: Increase in FPs
I have seen a fairly substantial increase on false positives today. I have submitted several FPs to the false@ address. Has there been a big change in the core rulebase today? I wouldn't think that upgrading to the new code this morning would cause this, would it?
Bi
Pete, I started running the new code this morning, and so far, so good.
I'll let you know if I see anything strange.
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 14, 2004 8:56 AM
To: Agid, Corby
Subject: Re[2]: [sniffer] Surprising missed
Haven't seen it here, but sounds like it could possibly be some kind of
permissions issue. What account is the script running under, and what are
the permissions on the file?
In my master.cf file (user=snfilter):
snfilterunix- n n - 10 pipe
flags
That's strange, our Exchange server does not strip off any of the Declude
headers.
Bill
-Original Message-
From: John Tolmachoff (Lists) [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 29, 2004 11:52 AM
To: [EMAIL PROTECTED]
Subject: RE: Re[6]: [sniffer] Effectiveness (lately)
Should I
It's an orphan, you can safely delete it.
Bill
-Original Message-
From: Keith Johnson [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 29, 2004 10:29 AM
To: [EMAIL PROTECTED]
Subject: [sniffer] FIN File
I found a .fin file in my sniffer directory and didn't know if anyone
knew what it wa
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
LW> Pete, I put together a little script that modifies the Q*.SMD file
LW> for identified spam messages that were held in my spam directory,
LW> but were not tagged by Sniffer, and can forward a copy of these
LW> messages to y
Title: Spam submissions
Pete, I put together a little script that modifies the Q*.SMD file for identified spam messages that were held in my spam directory, but were not tagged by Sniffer, and can forward a copy of these messages to your spam@ address. However, the messages will look like the
Sounds good to me.
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Friday, July 16, 2004 12:01 PM
To: [EMAIL PROTECTED]
Subject: [sniffer] IP Rules moving to Group 60
Importance: High
Hello Sniffer Folks,
We are planning to split the Experimental rule grou
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
> I would like to post instructions and/or files on our web site that
> show exactly how (step-by-step) to integrate Message Sniffer with
> SpamAssassin. It seems this information is hard to find /
> understand and I would li
Pete, this proposed change seems to make sense to me. Just let us know when
you plan to make the change.
Thanks,
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 24, 2004 12:36 PM
To: [EMAIL PROTECTED]
Subject: [sniffer] Gray Hosting Change Of St
Pete, would you consider assigning a specific result code, other than "0",
for tests that come back as "WHITE' versus "CLEAN"? I would like to add a
negative weight in Declude for messages that are specifically whitelisted
versus just clean. Thoughts?
Thanks,
Bill
Here is a sample of what I use:
=
SNIFFER-TRAVEL external 047
"M:\IMail\Declude\TPA\Sniffer\YourLicenseID.exe YourAuthCode" 05 0
SNIFFER-INSURANCE external 048
"M:\IMail\Declude\TPA\Sniffer\YourLicenseID.exe YourAuthCode" 10 0
SNIFFER-AV-PUSH external 049
"
Title: Message
Oops,
my bad, I had inadvertently uncommented the "Lifetime"
line.
Thanks,
Bill
-Original Message-From: Pete McNeil
[mailto:[EMAIL PROTECTED] Sent: Sunday, May 16, 2004 5:07
AMTo: [EMAIL PROTECTED]Subject: Re: [sniffer]
Sniffer v2-3 "Persistent Instan
Title: Sniffer v2-3 "Persistent Instance" keeps stopping
Pete, I am running v2-3 as a service using utilities from the W2K resource kit. When I start the service I see (masked rulebase ID):
05/15/2004 11:30p 0 RuleBaseID-20040516063150x38214000-2436.SVR
And this will stay persist
PM
To: [EMAIL PROTECTED]
Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!
Is this by design
- Original Message -
From: "Landry William" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, May 09, 2004 11:08 PM
Subject: RE: [sniffer]
!
When I do it the window pop-up is blank
- Original Message -
From: "Landry William" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, May 09, 2004 10:59 PM
Subject: RE: [sniffer] Message Sniffer Version 2-3 Official Release!
>
> Fredrick, I sto
]
Sent: Sunday, May 09, 2004 7:32 PM
To: [EMAIL PROTECTED]
Subject: Re: [sniffer] Message Sniffer Version 2-3 Official Release!
I am having problems getting it started from the command prompt.
- Original Message -
From: "Landry William" <[EMAIL PROTECTED]>
To: <[EMA
It seems to be working fine for me. I have it running as a service, per
Matt's instructions using the W2K resource kit files, and it has been
running fine all day.
Bill
-Original Message-
From: Frederick Samarelli [mailto:[EMAIL PROTECTED]
Sent: Sunday, May 09, 2004 5:10 PM
To: [EMAIL
Thanks Pete! One other question. I am now downloading my rulebase files as
.gz files (much faster downloads now). Are you prepared to receive our log
file uploads either zipped or gzipped?
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Sunday, May 09, 2004
Pete, am I correct in assuming that the configuration file (snfrv2r3.cfg)
should also be renamed for your license ID, as well?
Bill
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
Sent: Monday, May 10, 2004 2:08 AM
To: [EMAIL PROTECTED]
Subject: Re: [sniffer] Message Snif
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
> Since we're both up at this insane hour. Would you mind making a test?
> I've just shut down the Sprint line - so we're running through Savvis
> exclusively. If I'm right about the connectivity issue then you should
> be a
-Original Message-
From: Pete McNeil [mailto:[EMAIL PROTECTED]
> Normally our bandwidth is sufficient. We have considered mirror sites
also,
> and we have plans to move our hosting into a local Equinix facility where
> we will have similar bandwidth to yours and other benefits. Unfortu
handle the migration
of new rule-base files into a busy Sniffer environment?
Bill
-Original Message-
From: Landry William
Sent: Thursday, March 25, 2004 3:52 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [sniffer] Spam storm?
Looks like a bandwidth issue to me, since even doing th
it is downloaded automatically via the Windows Task CMD, then
>sniffer fails and the log fills up with the BAD_MATRIX errors.
>
>Anyone else seeing this?
>
>
>Mike
>
>
>- Original Message -
>From: "Landry William" <[EMAIL PROTECTED]>
>To: <
I run snf2check.exe against every .snf file downloaded. I just checked it
again manually, and no errors were reported. I now have almost 3500
Error_Bad_Matrix entries in today's log.
Bill
-Original Message-
From: Vivek Khera [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 25, 2004 12:5
Me too. I have 2252
"ERROR_BAD_MATRIX" entries in my log so far today. Pete, what's going on
here? I am still running v2r1, not the latest alpha/beta
version.
Bill
-Original Message-From: Butch Andrews
[mailto:[EMAIL PROTECTED]Sent: Thursday, March 25, 2004 10:23
AMTo: [
I see over a 1000 of these ERROR_BAD_MATRIX entries in my Sniffer log file
today, as well. Is this due to the ruleset issue from earlier today?
Bill
-Original Message-
From: Sheldon Koehler [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 24, 2004 3:19 PM
To: [EMAIL PROTECTED]
Subject:
Title: Message
ClamAV
works very well, and is lightening fast when run daemonized
(clamd). It's also hard to beat the price! I run is along with
F-Prot and McAfee's uvscan, and Clam seems to keep up with the commercial
scanners as far as virus updates.
Bill
-Original Message---
Possibly the site you are pointed to for the definition downloads is late in
getting the updates? I point to ftp1.mirrors.frisk.is for updates and was
catching Netsky on the 18th.
Bill
-Original Message-
From: Mike VandeBerg [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 24, 2004 7:
Title: Message
The
virus definitions F-Prot released today is what is now catching Mydoom.F, as
F-Prot has been catching them since about 3am here and I have not upgraded to
3.14c yet.
Bill
-Original Message-From: Matt
[mailto:[EMAIL PROTECTED] Sent: Tuesday, February 24, 2
Thanks! I think I will take a look at the 2.70 snapshot, since it
now supports system-wide plug-ins (and SPF).
Bill
-Original Message-From: Bill Boebel
[mailto:[EMAIL PROTECTED]Sent: Monday, February 09, 2004 4:24
PMTo: [EMAIL PROTECTED]Subject: RE: [sniffer]
Error with P
Bill,
what version of SA are you running, and how are you integrating Sniffer into
SA? I would like to try this on one of my test
servers.
Thanks,
Bill
-Original Message-From: Bill Boebel
[mailto:[EMAIL PROTECTED]Sent: Monday, February 09, 2004 3:50
PMTo: [EMAIL PROTECTE
94 matches
Mail list logo